-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
e17cf17
commit 824d84e
Showing
5 changed files
with
314 additions
and
3 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,4 +1,4 @@ | ||
| # poc12 | ||
| # poc12-AVC_DuplicateConfig-SEGV | ||
| ## Test Environment | ||
| Ubuntu 18.04, 64bit | ||
| gpac (master 94ad872) | ||
|
|
@@ -7,6 +7,7 @@ gpac (master 94ad872) | |
| `$ MP4Box -diso $POC` | ||
|
|
||
| ## Reference | ||
| https://github.com/gpac/gpac/issues/1179 | ||
|
|
||
| ## Credits | ||
| Yanhao([email protected]) | ||
|
|
@@ -165,7 +166,7 @@ AVC_DuplicateConfig (cfg=0x0) | |
| #41 0x0000555555561e6a in _start () | ||
| ``` | ||
|
|
||
| # poc13 | ||
| # poc13-leak | ||
| ## Test Environment | ||
| Ubuntu 18.04, 64bit | ||
| gpac (master 94ad872) | ||
|
|
@@ -175,6 +176,7 @@ gpac (master 94ad872) | |
| `$ MP4Box -diso $POC` | ||
|
|
||
| ## Reference | ||
| https://github.com/gpac/gpac/issues/1183 | ||
|
|
||
| ## Credits | ||
| Yanhao([email protected]) | ||
|
|
@@ -194,7 +196,7 @@ Direct leak of 40 byte(s) in 1 object(s) allocated from: | |
| SUMMARY: AddressSanitizer: 40 byte(s) leaked in 1 allocation(s). | ||
| ``` | ||
|
|
||
| # poc14 | ||
| # poc14-audio_sample_entry_AddBox-heapoverflow | ||
| ## Test Environment | ||
| Ubuntu 18.04, 64bit | ||
| gpac (master 94ad872) | ||
|
|
@@ -204,6 +206,7 @@ gpac (master 94ad872) | |
| `$ MP4Box -diso $POC` | ||
|
|
||
| ## Reference | ||
| https://github.com/gpac/gpac/issues/1180 | ||
|
|
||
| ## Credits | ||
| Yanhao([email protected]) | ||
|
|
@@ -288,4 +291,38 @@ Shadow byte legend (one shadow byte represents 8 application bytes): | |
| Left alloca redzone: ca | ||
| Right alloca redzone: cb | ||
| ==71438==ABORTING | ||
| ``` | ||
|
|
||
| ### GDB report | ||
|
|
||
| ``` | ||
| malloc_consolidate(): invalid chunk size | ||
| Program received signal SIGABRT, Aborted. | ||
| __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51 | ||
| 51 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory. | ||
| (gdb) bt | ||
| #0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51 | ||
| #1 0x00007ffff7350801 in __GI_abort () at abort.c:79 | ||
| #2 0x00007ffff7399897 in __libc_message (action=action@entry=do_abort, fmt=fmt@entry=0x7ffff74c6b9a "%s\n") at ../sysdeps/posix/libc_fatal.c:181 | ||
| #3 0x00007ffff73a090a in malloc_printerr (str=str@entry=0x7ffff74c83f0 "malloc_consolidate(): invalid chunk size") at malloc.c:5350 | ||
| #4 0x00007ffff73a0bae in malloc_consolidate (av=av@entry=0x7ffff76fbc40 <main_arena>) at malloc.c:4441 | ||
| #5 0x00007ffff73a47d8 in _int_malloc (av=av@entry=0x7ffff76fbc40 <main_arena>, bytes=bytes@entry=4096) at malloc.c:3703 | ||
| #6 0x00007ffff73a70fc in __GI___libc_malloc (bytes=4096) at malloc.c:3057 | ||
| #7 0x00007ffff738e18c in __GI__IO_file_doallocate (fp=0x5555557a6260) at filedoalloc.c:101 | ||
| #8 0x00007ffff739e379 in __GI__IO_doallocbuf (fp=fp@entry=0x5555557a6260) at genops.c:365 | ||
| #9 0x00007ffff739ad23 in _IO_new_file_seekoff (fp=0x5555557a6260, offset=0, dir=2, mode=<optimized out>) at fileops.c:960 | ||
| #10 0x00007ffff7398dd9 in fseeko (fp=fp@entry=0x5555557a6260, offset=offset@entry=0, whence=whence@entry=2) at fseeko.c:36 | ||
| #11 0x00007ffff77527c9 in gf_fseek (fp=fp@entry=0x5555557a6260, offset=offset@entry=0, whence=whence@entry=2) | ||
| at /home/ubuntu/Desktop/crashana/gpac/gpac-94ad872/src/utils/os_file.c:756 | ||
| #12 0x00007ffff7753323 in gf_bs_from_file (f=0x5555557a6260, mode=mode@entry=0) at /home/ubuntu/Desktop/crashana/gpac/gpac-94ad872/src/utils/bitstream.c:179 | ||
| #13 0x00007ffff7894173 in gf_isom_fdm_new (sPath=<optimized out>, mode=<optimized out>) at /home/ubuntu/Desktop/crashana/gpac/gpac-94ad872/src/isomedia/data_map.c:453 | ||
| #14 0x00007ffff7894400 in gf_isom_datamap_new (location=<optimized out>, location@entry=0x7fffffffe197 "../../poc14-heapoverflow", parentPath=parentPath@entry=0x0, | ||
| mode=mode@entry=1 '\001', outDataMap=outDataMap@entry=0x5555557a68b0) at /home/ubuntu/Desktop/crashana/gpac/gpac-94ad872/src/isomedia/data_map.c:185 | ||
| #15 0x00007ffff789cf66 in gf_isom_open_progressive (fileName=<optimized out>, start_range=0, end_range=0, the_file=0x5555557a5738 <file>, BytesMissing=0x7fffffff9390) | ||
| at /home/ubuntu/Desktop/crashana/gpac/gpac-94ad872/src/isomedia/isom_read.c:367 | ||
| #16 0x000055555556f48b in mp4boxMain (argc=<optimized out>, argv=<optimized out>) at /home/ubuntu/Desktop/crashana/gpac/gpac-94ad872/applications/mp4box/main.c:4542 | ||
| #17 0x00007ffff7331b97 in __libc_start_main (main=0x555555561e30 <main>, argc=3, argv=0x7fffffffdd98, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, | ||
| stack_end=0x7fffffffdd88) at ../csu/libc-start.c:310 | ||
| #18 0x0000555555561e6a in _start () | ||
| ``` | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,120 @@ | ||
| # poc10-GifIndexToTrueColor-HeapOverFlow | ||
| *Developer of ngiflib said that poc11 is same as poc10.* | ||
|
|
||
| ## Test Environment | ||
| Ubuntu 18.04, 64bit | ||
| ngiflib(master c8488d5) | ||
|
|
||
| ## How to trigger | ||
| `$ gif2tga $POC` | ||
|
|
||
| ## Reference | ||
| https://github.com/miniupnp/ngiflib/issues/9 | ||
|
|
||
| ## Credits | ||
| Yanhao([email protected]) | ||
| Marsman1996([email protected]) | ||
|
|
||
| ## Details | ||
| ### Asan report | ||
|
|
||
| ``` | ||
| ================================================================= | ||
| ==1786==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x603000000036 at pc 0x5578a31e5b4c bp 0x7ffce98362c0 sp 0x7ffce98362b0 | ||
| READ of size 1 at 0x603000000036 thread T0 | ||
| #0 0x5578a31e5b4b in GifIndexToTrueColor /home/ubuntu/Desktop/crashana/ngiflib/ngiflib-c8488d5/ngiflib.c:821 | ||
| #1 0x5578a31e7c4f in WritePixel /home/ubuntu/Desktop/crashana/ngiflib/ngiflib-c8488d5/ngiflib.c:124 | ||
| #2 0x5578a31e7c4f in DecodeGifImg /home/ubuntu/Desktop/crashana/ngiflib/ngiflib-c8488d5/ngiflib.c:537 | ||
| #3 0x5578a31e9d51 in LoadGif /home/ubuntu/Desktop/crashana/ngiflib/ngiflib-c8488d5/ngiflib.c:802 | ||
| #4 0x5578a31e4d84 in main /home/ubuntu/Desktop/crashana/ngiflib/ngiflib-c8488d5/gif2tga.c:95 | ||
| #5 0x7f8bea6a7b96 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b96) | ||
| #6 0x5578a31e4129 in _start (/home/ubuntu/Desktop/crashana/ngiflib/ngiflib-c8488d5/gif2tga+0x2129) | ||
| 0x603000000036 is located 14 bytes to the right of 24-byte region [0x603000000010,0x603000000028) | ||
| allocated by thread T0 here: | ||
| #0 0x7f8beab55b50 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb50) | ||
| #1 0x5578a31e8ced in LoadGif /home/ubuntu/Desktop/crashana/ngiflib/ngiflib-c8488d5/ngiflib.c:645 | ||
| SUMMARY: AddressSanitizer: heap-buffer-overflow /home/ubuntu/Desktop/crashana/ngiflib/ngiflib-c8488d5/ngiflib.c:821 in GifIndexToTrueColor | ||
| Shadow bytes around the buggy address: | ||
| 0x0c067fff7fb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ||
| 0x0c067fff7fc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ||
| 0x0c067fff7fd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ||
| 0x0c067fff7fe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ||
| 0x0c067fff7ff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ||
| =>0x0c067fff8000: fa fa 00 00 00 fa[fa]fa fa fa fa fa fa fa fa fa | ||
| 0x0c067fff8010: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa | ||
| 0x0c067fff8020: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa | ||
| 0x0c067fff8030: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa | ||
| 0x0c067fff8040: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa | ||
| 0x0c067fff8050: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa | ||
| Shadow byte legend (one shadow byte represents 8 application bytes): | ||
| Addressable: 00 | ||
| Partially addressable: 01 02 03 04 05 06 07 | ||
| Heap left redzone: fa | ||
| Freed heap region: fd | ||
| Stack left redzone: f1 | ||
| Stack mid redzone: f2 | ||
| Stack right redzone: f3 | ||
| Stack after return: f5 | ||
| Stack use after scope: f8 | ||
| Global redzone: f9 | ||
| Global init order: f6 | ||
| Poisoned by user: f7 | ||
| Container overflow: fc | ||
| Array cookie: ac | ||
| Intra object redzone: bb | ||
| ASan internal: fe | ||
| Left alloca redzone: ca | ||
| Right alloca redzone: cb | ||
| ==1786==ABORTING | ||
| ``` | ||
|
|
||
| # poc11-GifIndexToTrueColor-SEGV | ||
| ## Test Environment | ||
| Ubuntu 18.04, 64bit | ||
| ngiflib(master c8488d5) | ||
|
|
||
| ## How to trigger | ||
| `$ gif2tga $POC` | ||
|
|
||
| ## Reference | ||
| https://github.com/miniupnp/ngiflib/issues/9 | ||
|
|
||
| ## Credits | ||
| Yanhao([email protected]) | ||
| Marsman1996([email protected]) | ||
|
|
||
| ## Details | ||
| ### Asan report | ||
|
|
||
| ``` | ||
| ==2123==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000005 (pc 0x55e059633aec bp 0x607000000090 sp 0x7ffef8b0a370 T0) | ||
| ==2123==The signal is caused by a READ memory access. | ||
| ==2123==Hint: address points to the zero page. | ||
| #0 0x55e059633aeb in GifIndexToTrueColor /home/ubuntu/Desktop/crashana/ngiflib/ngiflib-c8488d5/ngiflib.c:821 | ||
| #1 0x55e059635c4f in WritePixel /home/ubuntu/Desktop/crashana/ngiflib/ngiflib-c8488d5/ngiflib.c:124 | ||
| #2 0x55e059635c4f in DecodeGifImg /home/ubuntu/Desktop/crashana/ngiflib/ngiflib-c8488d5/ngiflib.c:537 | ||
| #3 0x55e059637d51 in LoadGif /home/ubuntu/Desktop/crashana/ngiflib/ngiflib-c8488d5/ngiflib.c:802 | ||
| #4 0x55e059632d84 in main /home/ubuntu/Desktop/crashana/ngiflib/ngiflib-c8488d5/gif2tga.c:95 | ||
| #5 0x7fe721399b96 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b96) | ||
| #6 0x55e059632129 in _start (/home/ubuntu/Desktop/crashana/ngiflib/ngiflib-c8488d5/gif2tga+0x2129) | ||
| AddressSanitizer can not provide additional info. | ||
| SUMMARY: AddressSanitizer: SEGV /home/ubuntu/Desktop/crashana/ngiflib/ngiflib-c8488d5/ngiflib.c:821 in GifIndexToTrueColor | ||
| ==2123==ABORTING | ||
| ``` | ||
|
|
||
| ### GDB report | ||
|
|
||
| ``` | ||
| Program received signal SIGSEGV, Segmentation fault. | ||
| 0x0000555555555665 in GifIndexToTrueColor (palette=<optimized out>, v=v@entry=1 '\001') at ngiflib.c:821 | ||
| 821 return palette[v].b | (palette[v].g << 8) | (palette[v].r << 16); | ||
| (gdb) bt | ||
| #0 0x0000555555555665 in GifIndexToTrueColor (palette=<optimized out>, v=v@entry=1 '\001') at ngiflib.c:821 | ||
| #1 0x0000555555555ee7 in WritePixel (v=1 '\001', context=0x7fffffff95a0, i=0x55555575b510) at ngiflib.c:124 | ||
| #2 DecodeGifImg (i=0x55555575b510) at ngiflib.c:537 | ||
| #3 0x000055555555695e in LoadGif (g=0x555555759260) at ngiflib.c:802 | ||
| #4 0x0000555555555258 in main (argc=<optimized out>, argv=<optimized out>) at gif2tga.c:95 | ||
| ``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,154 @@ | ||
| # poc15-packet2tree-heapoverflow | ||
| ## Test Environment | ||
| Ubuntu 18.04, 64bit | ||
| tcpreplay (master 2d87447) | ||
|
|
||
| ``` | ||
| tcpprep version: 4.3.0 (build git:v4.3.0-1-g2d874470) | ||
| Copyright 2013-2018 by Fred Klassen <tcpreplay at appneta dot com> - AppNeta | ||
| Copyright 2000-2012 by Aaron Turner <aturner at synfin dot net> | ||
| The entire Tcpreplay Suite is licensed under the GPLv3 | ||
| Cache file supported: 04 | ||
| Not compiled with libdnet. | ||
| Compiled against libpcap: 1.8.1 | ||
| 64 bit packet counters: enabled | ||
| Verbose printing via tcpdump: enabled | ||
| ``` | ||
|
|
||
| ## How to trigger | ||
| ./tcpprep --auto=bridge --pcap=$POC --cachefile=/dev/null | ||
|
|
||
| ## Reference | ||
|
|
||
|
|
||
| ## Credits | ||
| Yanhao([email protected]) | ||
| Marsman1996([email protected]) | ||
|
|
||
| ## Details | ||
| ### Asan report | ||
|
|
||
| ``` | ||
| ubuntu@ubuntu-virtual-machine:~/Desktop/crashana$ ./tcpreplay/tcpreplay-2d87447/bin_asan/bin/tcpprep --auto=bridge --pcap=./tcpreplay/poc15-packet2tree-heapoverflow --cachefile=/dev/null | ||
| Warning: ./tcpreplay/poc15-packet2tree-heapoverflow was captured using a snaplen of 50 bytes. This may mean you have truncated packets. | ||
| ================================================================= | ||
| ==46592==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60600000005a at pc 0x5625e6ae8e31 bp 0x7ffc780aa970 sp 0x7ffc780aa960 | ||
| READ of size 4 at 0x60600000005a thread T0 | ||
| #0 0x5625e6ae8e30 in packet2tree ../../src/tree.c:749 | ||
| #1 0x5625e6aebfe2 in add_tree_ipv4 ../../src/tree.c:536 | ||
| #2 0x5625e6ae6fef in process_raw_packets ../../src/tcpprep.c:463 | ||
| #3 0x5625e6ae4bed in main ../../src/tcpprep.c:146 | ||
| #4 0x7fc706f92b96 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b96) | ||
| #5 0x5625e6ae54e9 in _start (/home/ubuntu/Desktop/crashana/tcpreplay/tcpreplay-2d87447/bin_asan/bin/tcpprep+0x104e9) | ||
| 0x60600000005a is located 8 bytes to the right of 50-byte region [0x606000000020,0x606000000052) | ||
| allocated by thread T0 here: | ||
| #0 0x7fc707681b50 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb50) | ||
| #1 0x7fc70738189f (/usr/lib/x86_64-linux-gnu/libpcap.so.0.8+0x1f89f) | ||
| SUMMARY: AddressSanitizer: heap-buffer-overflow ../../src/tree.c:749 in packet2tree | ||
| Shadow bytes around the buggy address: | ||
| 0x0c0c7fff7fb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ||
| 0x0c0c7fff7fc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ||
| 0x0c0c7fff7fd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ||
| 0x0c0c7fff7fe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ||
| 0x0c0c7fff7ff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ||
| =>0x0c0c7fff8000: fa fa fa fa 00 00 00 00 00 00 02[fa]fa fa fa fa | ||
| 0x0c0c7fff8010: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa | ||
| 0x0c0c7fff8020: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa | ||
| 0x0c0c7fff8030: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa | ||
| 0x0c0c7fff8040: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa | ||
| 0x0c0c7fff8050: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa | ||
| Shadow byte legend (one shadow byte represents 8 application bytes): | ||
| Addressable: 00 | ||
| Partially addressable: 01 02 03 04 05 06 07 | ||
| Heap left redzone: fa | ||
| Freed heap region: fd | ||
| Stack left redzone: f1 | ||
| Stack mid redzone: f2 | ||
| Stack right redzone: f3 | ||
| Stack after return: f5 | ||
| Stack use after scope: f8 | ||
| Global redzone: f9 | ||
| Global init order: f6 | ||
| Poisoned by user: f7 | ||
| Container overflow: fc | ||
| Array cookie: ac | ||
| Intra object redzone: bb | ||
| ASan internal: fe | ||
| Left alloca redzone: ca | ||
| Right alloca redzone: cb | ||
| ==46592==ABORTING | ||
| ``` | ||
|
|
||
|
|
||
| # poc16-get_l2len-heapoverflow | ||
| ## Test Environment | ||
| Ubuntu 18.04, 64bit | ||
| tcpreplay (master 2d87447) | ||
|
|
||
| ## How to trigger | ||
| ./tcpprep --auto=bridge --pcap=$POC --cachefile=/dev/null | ||
|
|
||
| ## Reference | ||
|
|
||
|
|
||
| ## Credits | ||
| Yanhao([email protected]) | ||
| Marsman1996([email protected]) | ||
|
|
||
| ## Details | ||
| ### Asan report | ||
|
|
||
| ``` | ||
| ubuntu@ubuntu-virtual-machine:~/Desktop/crashana$ ./tcpreplay/tcpreplay-2d87447/bin_asan/bin/tcpprep --auto=bridge --pcap=./tcpreplay/poc16-get_l2len-heapoverflow --cachefile=/dev/null | ||
| Warning: ./tcpreplay/poc16-get_l2len-heapoverflow was captured using a snaplen of 17 bytes. This may mean you have truncated packets. | ||
| ================================================================= | ||
| ==54318==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x603000000020 at pc 0x5637ffc1f43a bp 0x7fffbeb468b0 sp 0x7fffbeb468a0 | ||
| READ of size 2 at 0x603000000020 thread T0 | ||
| #0 0x5637ffc1f439 in get_l2len ../../../src/common/get.c:183 | ||
| #1 0x5637ffc1f492 in get_ipv4 ../../../src/common/get.c:247 | ||
| #2 0x5637ffc12c79 in process_raw_packets ../../src/tcpprep.c:367 | ||
| #3 0x5637ffc10bed in main ../../src/tcpprep.c:146 | ||
| #4 0x7f99179dfb96 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b96) | ||
| #5 0x5637ffc114e9 in _start (/home/ubuntu/Desktop/crashana/tcpreplay/tcpreplay-2d87447/bin_asan/bin/tcpprep+0x104e9) | ||
| 0x603000000021 is located 0 bytes to the right of 17-byte region [0x603000000010,0x603000000021) | ||
| allocated by thread T0 here: | ||
| #0 0x7f99180ceb50 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb50) | ||
| #1 0x7f9917dce89f (/usr/lib/x86_64-linux-gnu/libpcap.so.0.8+0x1f89f) | ||
| SUMMARY: AddressSanitizer: heap-buffer-overflow ../../../src/common/get.c:183 in get_l2len | ||
| Shadow bytes around the buggy address: | ||
| 0x0c067fff7fb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ||
| 0x0c067fff7fc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ||
| 0x0c067fff7fd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ||
| 0x0c067fff7fe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ||
| 0x0c067fff7ff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ||
| =>0x0c067fff8000: fa fa 00 00[01]fa fa fa fa fa fa fa fa fa fa fa | ||
| 0x0c067fff8010: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa | ||
| 0x0c067fff8020: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa | ||
| 0x0c067fff8030: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa | ||
| 0x0c067fff8040: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa | ||
| 0x0c067fff8050: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa | ||
| Shadow byte legend (one shadow byte represents 8 application bytes): | ||
| Addressable: 00 | ||
| Partially addressable: 01 02 03 04 05 06 07 | ||
| Heap left redzone: fa | ||
| Freed heap region: fd | ||
| Stack left redzone: f1 | ||
| Stack mid redzone: f2 | ||
| Stack right redzone: f3 | ||
| Stack after return: f5 | ||
| Stack use after scope: f8 | ||
| Global redzone: f9 | ||
| Global init order: f6 | ||
| Poisoned by user: f7 | ||
| Container overflow: fc | ||
| Array cookie: ac | ||
| Intra object redzone: bb | ||
| ASan internal: fe | ||
| Left alloca redzone: ca | ||
| Right alloca redzone: cb | ||
| ==54318==ABORTING | ||
| ``` |
Binary file not shown.
Binary file not shown.